Appl. No. 10/033,373 

Amdt. dated February 6, 2006 

Reply to Advisory Action of January 5, 2006 

This listing of claims replaces all prior versions, and 
listings of claims in the instant application: 

Listing of Claims:

1. (Currently Amended) A method for obtaining a service 
on a data communications network, the method comprising: 

enrolling with an authority, said enrolling creating 
enrollment results, said enrollment results comprising 
user data in a credential used for user authentication;
and

using said enrollment results to obtain a service
from a service provider on said data communications
network, said service provider capable of communicating
with said authority to verify dynamically authenticate 
said enrollment results wherein said service provider is 
an entity that is different from an entity that is said 
authority. 

2. (Currently Amended) A method for managing
identification in a data communications network, the method
comprising:

generating a credential including authenticated user 
data, said generating comprising: 

presenting a request for authenticated user data 
and a first set of user data to an authority; and 

receiving said credential including said 
authenticated user data from said authority in 
response to said request; and 

using said credential including said authenticated 
user data to obtain at least one service on said data 
communications network, said using comprising: 

presenting a service request and said 
credential including said authenticated user 
data to a service provider on said data
communications network; and

receiving said at least one service in 
response to said service request if said service 
provider determines said authenticated user data 
is sufficient to provide said at least one 
service wherein said service provider is capable 
of communicating with said authority to verify 
dynamically authenticate said enrollment results
authenticated user data and further wherein said 
service provider is an entity that is different 
from an entity that is said authority.



3. (Currently Amended) A program storage device readable 
by a machine, embodying a program of instructions executable by 
the machine to perform a method for obtaining a service on a 
data communications network, the method comprising: 

enrolling with an authority, said enrolling creating
enrollment results, said enrollment results comprising
user data in a credential used for user authentication;
and

using said enrollment results to obtain a service 
from a service provider on said data communications 
network, said service provider capable of communicating 
with said authority to verify dynamically authenticate 
said enrollment results wherein said service provider is 
an entity that is different from an entity that is said 
authority.

4. (Currently Amended) A program storage device readable
by a machine, embodying a program of instructions executable by 
the machine to perform a method for managing identification in 
a data communications network, the method comprising: 

generating a credential including authenticated user 
data, said generating comprising: 

presenting a request for authenticated user data 
and a first set of user data to an authority; and 

receiving said credential including said 
authenticated user data from said authority in 
response to said request; and 

using said credential including said authenticated 
user data to obtain at least one service on said data 
communications network, said using comprising: 

presenting a service request and said 
credential including said authenticated user 
data to a service provider on said data 
communications network; and

receiving said at least one service in response
to said service request if said service provider 
determines said authenticated user data is sufficient 
to provide said at least one service wherein said 
service provider is capable of communicating with 
said authority to verify dynamically authenticate 
said enrollment results authenticated user data and
further wherein said service provider is an entity 
that is different from an entity that is said 
authority.

5. (Currently Amended) An apparatus for managing
identification in a data communications network, the apparatus
comprising:

means for generating a credential including 
authenticated user data, said means of generating 
comprising: 

means for presenting a request for authenticated 
user data and a first set of user data to an 
authority; and 

means for receiving said credential including 
said authenticated user data from said authority in 
response to said request; and 

means for using said credential including said 
authenticated user data to obtain at least one service on 
said data communications network, said means for using 
comprising: 

means for presenting a service request and 
said credential including said authenticated 
user data to a service provider on said data
communications network; and

means for receiving said at least one service in
response to said service request if said service
provider determines said authenticated user data is 
sufficient to provide said at least one service 
wherein said service provider is capable of 
communicating with said authority to verify 
dynamically authenticate said enrollment results
authenticated user data and further wherein said 
service provider is an entity that is different from 
an entity that is said authority.

6. (Currently Amended) An apparatus for managing
identification in a data communications network, the apparatus
comprising:

means for receiving a user-controlled secure storage
device;

means for enrolling said user with an authority, said 
enrolling comprising providing information requested by 
said authority; 

means for receiving a credential including user data
in response to said enrolling, wherein said credential is
used for user authentication;

means for storing said credential including said user 
data in said user-controlled secure storage device; and 

means for using said credential including said user 
data at a service provider Web site to obtain a service 
wherein said service provider Web site is capable of 
communicating with said authority to dynamically 
authenticate said authenticated user data and further 
wherein said service provider Web site is an entity that 
is different from an entity that is said authority.

7. (Cancelled)

8. (Currently Amended) An apparatus for obtaining a
service on a data communications network, the apparatus
comprising:

a service provider configured to accept a service 
request and a credential including enrollment results 
obtained from an enrollment authority, said service 
provider capable of communicating with said authority to 
verify dynamically authenticate said enrollment results, 
said service provider configured to provide said service 
based upon said enrollment results and a response from 
said enrollment authority, wherein said service provider
is an entity that is different from an entity that is said
authority.

9. (Cancelled) 

10. (Currently Amended) An apparatus for managing 
identification in a data communications network, the apparatus 
comprising:

a service provider configured to accept a service
request, a credential including a first set of user data
and a second set of user data including support
information for said credential, said first set of user
data comprising user data authenticated by an authority, 
said service provider further configured to determine 
whether said first set of user data and said second set of 
user data are sufficient to provide said service, said 
service provider further configured to provide said 
service based upon said determination, wherein said
service provider is an entity that is different from an
entity that is said authority.